North Korea-backed hackers launch cyber attack using computer files

 

by IANS

Seoul, Dec 22 (IANS) A North Korea-linked cyber hacking group appears to have launched a new cyber attack campaign, code-named "Artemis," that embeds malicious code inside computer files, a report showed on Monday.


The Genians Security Center (GSC), a South Korean cybersecurity institute, said in a report that it detected the operation believed to have been carried out by APT37, a Pyongyang-backed cyber hacking group, reports Yonhap news agency.


According to the report, the threat actors embedded malicious object linking and embedding (OLE) code inside Hangul Word Processor (HWP) documents. An attack chain is triggered when a user allows the opening of the document's content and clicks a hyperlink in the file.


HWP is a document file format widely used as a standard in South Korea.


The findings follow an October report by 38 North, a U.S.-based website monitoring North Korea, which said North Korean cyber operators have repeatedly exploited the HWP format to infiltrate government, military and key industrial networks in South Korea.


"This attack demonstrates APT37's ongoing pattern of highly developed reconnaissance and infiltration activities," the GSC report said. "It also indicates that the group continues to refine its capabilities by leveraging advanced technical methods."


In November, a North Korea-linked hacking group launched a new form of cyberattack that remotely controls Android smartphones and personal computers (PCs) to delete key data, including photos, documents and contact information.


The group, believed to be affiliated with Pyongyang-sponsored groups Kimsuky or APT37, infiltrated victims' smartphones and PCs through malware distributed via KakaoTalk and stole account information for Google and major domestic IT services, according to the report by the Genians Security Center (GSC), a South Korean cybersecurity institute.


They remotely reset the smartphones after using Google's location-based tracking system to confirm the victims were outside their homes or offices.


The remote reset halted normal device operation, blocking notification and message alerts from messenger apps and effectively cutting off the account owner's awareness channel, thereby delaying detection and response, the report explained.


Through this process, key data stored on the infected devices, including photos, documents and contacts, were completely deleted.
